Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/UEzUyopP5UVcAuE2wQnf6zxgiYA.roa
File: UEzUyopP5UVcAuE2wQnf6zxgiYA.roa (raw, json)
Hash identifier: WO7cSkDAVVG4RqEt/anGaCZXbbFB9XEJIQ0eE+HtSwo=
Subject key identifier: 50:4C:D4:CA:8A:4F:E5:45:5C:02:E1:36:C1:09:DF:EB:3C:60:89:80
Certificate issuer: /CN=2e1620890f700f012b0ba60172314e3c85919513
Certificate serial: 0194228DD7A564DA05999C600B4A17501ECC
Authority key identifier: 2E:16:20:89:0F:70:0F:01:2B:0B:A6:01:72:31:4E:3C:85:91:95:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhYgiQ9wDwErC6YBcjFOPIWRlRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/UEzUyopP5UVcAuE2wQnf6zxgiYA.roa
Signing time: Wed 01 Jan 2025 15:48:28 +0000
ROA not before: Wed 01 Jan 2025 15:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9051
IP address blocks: 80.81.144.0/20 maxlen: 24
92.62.160.0/20 maxlen: 24
141.105.80.0/20 maxlen: 24
185.3.20.0/22 maxlen: 24
195.112.192.0/19 maxlen: 24
212.28.224.0/19 maxlen: 24
2a00:16e8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/LhYgiQ9wDwErC6YBcjFOPIWRlRM.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/LhYgiQ9wDwErC6YBcjFOPIWRlRM.mft
rsync://rpki.ripe.net/repository/DEFAULT/LhYgiQ9wDwErC6YBcjFOPIWRlRM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d7:a5:64:da:05:99:9c:60:0b:4a:17:50:1e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1620890f700f012b0ba60172314e3c85919513
Validity
Not Before: Jan 1 15:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=504cd4ca8a4fe5455c02e136c109dfeb3c608980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3d:5d:ad:62:71:bb:1f:f2:20:c1:a8:e2:1a:
9d:90:0a:ec:cb:21:15:22:35:ae:e1:48:21:06:6f:
b7:bf:13:06:9f:b1:1e:e1:23:4b:fd:b3:be:97:86:
fc:89:64:2e:9c:66:0d:ff:97:16:95:4e:9e:b2:56:
08:48:52:80:a9:17:3d:9a:63:7e:ac:ab:d6:9a:2a:
7f:81:96:0f:47:9d:48:b3:0e:24:8d:1e:c6:51:8f:
98:7b:ee:2d:b7:ae:5a:66:30:88:8d:f9:0f:6e:b2:
44:36:0a:67:18:c1:a4:99:26:31:a0:e3:e2:e9:9a:
28:de:9b:a3:22:5f:60:12:f9:01:88:df:cd:08:46:
aa:b6:a7:5c:e2:8c:1d:ad:f7:cb:ba:72:9b:ed:7d:
fe:85:9e:33:0f:cc:ae:72:5b:84:bd:41:b4:0e:77:
a2:e9:93:4e:f8:bc:8c:9c:57:6f:99:12:29:07:b7:
83:86:f3:ce:5f:bf:7f:2f:3f:3f:a0:64:e3:57:b3:
f9:2a:c1:d4:a5:24:11:e6:42:98:2a:9b:fa:79:de:
82:69:37:6c:8b:89:aa:51:09:ca:ff:38:fe:c9:b3:
b0:5b:70:95:22:2a:b6:f4:5a:1e:0c:19:47:ed:de:
12:b9:e7:16:70:5c:51:9d:6d:25:06:52:4d:90:79:
3a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4C:D4:CA:8A:4F:E5:45:5C:02:E1:36:C1:09:DF:EB:3C:60:89:80
X509v3 Authority Key Identifier:
keyid:2E:16:20:89:0F:70:0F:01:2B:0B:A6:01:72:31:4E:3C:85:91:95:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhYgiQ9wDwErC6YBcjFOPIWRlRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/UEzUyopP5UVcAuE2wQnf6zxgiYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/LhYgiQ9wDwErC6YBcjFOPIWRlRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.144.0/20
92.62.160.0/20
141.105.80.0/20
185.3.20.0/22
195.112.192.0/19
212.28.224.0/19
IPv6:
2a00:16e8::/32
Signature Algorithm: sha256WithRSAEncryption
ac:78:7d:8a:19:3c:33:9d:58:27:74:53:d3:d0:78:56:1c:38:
c2:6f:f9:03:e4:51:f6:ca:59:15:53:f2:e2:ad:27:27:b2:e7:
ee:da:d3:6c:0a:79:af:0d:e6:66:69:4b:55:9e:fa:91:14:19:
ad:f3:00:b7:d2:40:01:db:c1:6f:08:8a:cf:75:7c:66:14:5a:
06:e5:46:b1:7c:7a:03:2e:de:3d:0d:3e:29:bc:d0:09:3a:ab:
02:ab:ca:a0:f8:01:27:64:c6:c6:b8:07:c2:5d:ab:e9:6d:cc:
d6:1f:e5:75:75:f3:96:76:96:b1:7f:84:e6:26:92:e2:96:2c:
ce:76:08:b7:ef:75:60:a7:f9:bd:be:c1:a0:a4:6b:02:2d:45:
b7:16:f8:d8:a5:b5:8c:e0:39:ca:a2:29:93:39:b1:7a:a1:35:
bb:bb:74:e0:b9:5e:8c:c8:79:e5:9f:59:de:2f:d0:51:52:43:
cc:fb:a1:82:44:45:60:1e:c0:de:fb:3a:b2:99:75:62:1e:7e:
65:57:23:8d:ad:5b:14:56:e2:a3:3e:ea:fc:68:93:94:c5:50:
4a:7f:2d:32:21:04:53:35:f0:0b:45:48:13:a6:ac:df:9b:fc:
ec:17:d6:14:03:16:0a:1b:cc:ea:82:38:c0:0c:21:6a:ab:78:
1b:8d:4f:62
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQijdelZNoFmZxgC0oXUB7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTYyMDg5MGY3MDBmMDEyYjBiYTYwMTcyMzE0ZTNjODU5
MTk1MTMwHhcNMjUwMTAxMTU0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDRjZDRjYThhNGZlNTQ1NWMwMmUxMzZjMTA5ZGZlYjNjNjA4OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT1drWJxux/yIMGo4hqdkArsyyEV
IjWu4UghBm+3vxMGn7Ee4SNL/bO+l4b8iWQunGYN/5cWlU6eslYISFKAqRc9mmN+
rKvWmip/gZYPR51Isw4kjR7GUY+Ye+4tt65aZjCIjfkPbrJENgpnGMGkmSYxoOPi
6Zoo3pujIl9gEvkBiN/NCEaqtqdc4owdrffLunKb7X3+hZ4zD8yucluEvUG0Dnei
6ZNO+LyMnFdvmRIpB7eDhvPOX79/Lz8/oGTjV7P5KsHUpSQR5kKYKpv6ed6CaTds
i4mqUQnK/zj+ybOwW3CVIiq29FoeDBlH7d4SuecWcFxRnW0lBlJNkHk6rwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFBM1MqKT+VFXALhNsEJ3+s8YImAMB8GA1UdIwQY
MBaAFC4WIIkPcA8BKwumAXIxTjyFkZUTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhZZ2lROXdEd0VyQzZZQmNqRk9QSVdSbFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy84MjExNTItOWYxMy00YzA5LTlkY2Qt
NDViYmIyM2ExNWQ4LzEvVUV6VXlvcFA1VVZjQXVFMndRbmY2enhnaVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy84MjExNTItOWYxMy00YzA5LTlkY2QtNDViYmIyM2ExNWQ4
LzEvTGhZZ2lROXdEd0VyQzZZQmNqRk9QSVdSbFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUFGQAwQE
XD6gAwQEjWlQAwQCuQMUAwQFw3DAAwQF1BzgMA0EAgACMAcDBQAqABboMA0GCSqG
SIb3DQEBCwUAA4IBAQCseH2KGTwznVgndFPT0HhWHDjCb/kD5FH2ylkVU/LirScn
sufu2tNsCnmvDeZmaUtVnvqRFBmt8wC30kAB28FvCIrPdXxmFFoG5UaxfHoDLt49
DT4pvNAJOqsCq8qg+AEnZMbGuAfCXavpbczWH+V1dfOWdpaxf4TmJpLilizOdgi3
73Vgp/m9vsGgpGsCLUW3FvjYpbWM4DnKoimTObF6oTW7u3TguV6MyHnln1neL9BR
UkPM+6GCREVgHsDe+zqymXViHn5lVyONrVsUVuKjPur8aJOUxVBKfy0yIQRTNfAL
RUgTpqzfm/zsF9YUAxYKG8zqgjjADCFqq3gbjU9i
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:07 2025 by rpki-client